The Path to Prioritizing Cybersecurity in Healthcare
Technology is only half the battle when it comes to cybersecurity measures for healthcare organizations. The remainder is awareness. Phil Alexander joins John Zuziak on today’s show to dig into common gaps in security awareness and their implications. Phil and John examine the elements of a successful security awareness program, including how to gain buy-in; setting goals; identifying wins; communicating progress and successes; and ultimately making security awareness a part of the organization’s culture.
This conversation features John Zuziak, director of the Security and IT Risk Management Practice for Change Healthcare, and Phil Alexander, CISO for North Mississippi Health Services.
Here’s what they report on:
The need to emphasize security awareness in healthcare
Tailoring security awareness training by job function
Topics to include in security awareness training
Gamifying security awareness
Making security awareness training work on a lean budget
Building a security awareness program from scratch
How to identify program goals
Ideal KPIs for success
How to win leadership buy-in for security awareness training
Communicating program success
Pitfalls to avoid
Proof security awareness can succeed in healthcare